ABUS wireless door lock HomeTec Pro CFA3000 is unsafe: replace it!
A certain wireless lock from the manufacturer ABUS is insecure. Burglars can unlock it by radio.
This ABUS wireless door lock drive HomeTec Pro CFA3000 W white 10123, which is currently available from Amazon, should not be affected by the security gap.
The Federal Office for Information Security BSI warns of wireless locks from the manufacturer ABUS. Specifically, it is the HomeTec Pro CFA3000 wireless door lock drive.
The BSI writes in its warning: “The BSI has found out about a vulnerability in the product set HomeTec Pro CFA3000 wireless door lock drive and wireless remote control CFF3000 (radio remote control for the CFA3000 product). The company confirmed the vulnerability to the BSI and also reported it that the weak point in the wireless door lock drive HomeTec Pro CFA3000 (in this product generation) cannot be remedied because there are no update options for the customer.According to the company, the product examined is a discontinued model, which will be replaced by a subsequent generation (since March 2021 on the market) will be replaced.”
The problem for the customer:
The safe successor model does not differ significantly from the unsafe older models, either visually or in terms of its name. The BSI writes: “In the absence of specific information, the date of purchase or manufacture of a corresponding device is not an indicator of whether the device is affected by the vulnerability.”
You cannot tell from the lock whether it is an older, insecure device or a more secure, newer device. According to the manufacturer, only a Bluetooth logo on the lock or a physical QR code card that comes with the lock could be used to identify the newer models.
Attackers can unlock and lock the lock through the weak point and thus gain access to the apartment. The prerequisite is that the attacker is close to the castle.
Replace the ABUS HomeTec Pro CFA3000 with a secure door lock if you are not sure whether a more recent, secure version of the HomeTec Pro CFA3000 is installed.
Market overview: Smart door locks – open the door without a key
Who pays the exchange?
The BSI does not issue any legal assessment on this. A software update of the existing lock is not possible.
ABUS wireless door lock drive HomeTec Pro CFA3000 W white 10123